Research by charity Business in the Community (BITC) revealed 40 per cent of small businesses had not taken any action on cyber security over the past 12 months. In addition, more than three-quarters of firms said they have no policy for controlling access to their data systems.
BITC warned small businesses must do more to protect themselves from the growing number of data breaches and said firms have a responsibility to their customers and supply chain to handle data safely and securely.
More than 2,000 cyber crimes were reported by businesses in 2018, according to the City of London Police, which leads national policing for fraud in England, Wales and Northern Ireland.
BITC chief executive Amanda Mackenzie said: “While it's often big companies which hit the headlines as victims of digital crime, when a small business is struck by a cyber attack decades of hard work can be erased in moments.
“The business owners suffer. The supply chains suffer. Most of all, communities suffer,” she added.
The findings follow a damning government report earlier this month that warned only 16 per cent of boards at FTSE 350 firms have a comprehensive understand of the loss or disruption caused by cyber threats.
Clare Gardiner, National Cyber Security Centre (NCSC) director of engagement, said: “Cyber security breaches can have a huge impact on businesses, and the NCSC has published a Small Business Guide to offer the best advice possible to potential victims.
“While we appreciate that cyber security might seem daunting, the NCSC is committed to helping organisations protect themselves against the majority of threats.”
source cityam
Industry: Cyber Security News
6 month contract inside IR35 Operational Cyber Security London c50% of the role is day to day operations / administration / liaising with 3rd party monitoring suppliers. More though investigations, getting ready for cyber essentials plus. Following up on vulnerability management. 20-30% active monitoring of alerts, tooling etc. 10% reporting / light oversight of junior Experience with Microsoft defender / Azure, Splunk, Tenable Experience in maintaining Cyber Essentials Plus is a big bonus. Knowledge across ISO27001, NIST GDPR required. Inside ir35 need someone in their London (city) office 2-3 days a week.
Fluent French / English Contactor cyber Security Project Manager needed. Experience in migrating technical cyber services from one physical region to another. Experience with Crowdstrike, Tanium, Palo Alto and or Zscaler ideal or comparable solutions. Language fluency in French AND English is essential. 12 month contract. Looking to start June. Day rate dependent on Experience. Apply today for more details
GRC security practitioner needed to ensure a financial service business to achieve SOC 2 type 1. Experience managing the end to end process is key, you will be the key individual to deliver this within a 6 month deadline. Experience of SOC 2 type 1 / type 2. The gathering of evidence, baseline of 27001, ukdpa, GDPR NIST etc. Looking to interview ASAP.
Security Operations engineer / Analyst with Crowdstrike Falcon Insight EDR experience for a 12 month contract. Experienced Contractor with Crowdstrike Falcon Insight: Endpoint detection and Response (EDR) experience needed - 12 month rolling project. Implementation, configuration and Analyst experience needed with Crowdstrike Falcon Insight: (EDR) Migration project- relocating capability internationally. technically implementing, configuration of that that migration and then transition to BAU role monitoring. DCL Search exclusive associate Project.